Identity, Payments, and Bitcoin: Big Changes Ahead

Steve KirschCEO, OneID

March 3, 2014

SecurePaymentAuthorization

My Focus Today

“Log me into HSBC.com”- Signed, Steve

“Pay 5 Euros to Amazon for Invoice #234343”

- Signed, Steve

Same protocol for authN and authZ; only the requested action is different

Authentication = Payment Authorization (if you do them securely)

The IETF Edition15 MYTHS

MYTH #1

There is no way to fix mass password and credit card breaches

The Problem is Shared Secrets

The Problem is Magnified

50% of users use the same password

EVERYWHERE

Password1Password1

Password1Password1

How Do We Solve the ProblemOnce and For All?

What We Need

Solution is Easy!

• Replace all those shared secrets with digital signatures. Duh!

OTPTOTP

OAUTHSS#, DOB

Pet’s nameTokenization

API key

• Solutions have been available for years …

• So why aren’t we using them?

“We will give you an option in the future to

login without using any shared secrets.”

What was NOT said:

Change is Hard...Even for a Billion Dollars!

AFAIK Not one company which has been

breached has EVER offered consumers the option of logging in

(or storing their credit card info) without using any

shared secrets.

Not One.

EVER.

Changing Behavior is HARD

1. We are not interested in hearing about your solution.

2. We are too busy right now to look into this.

3. This is not on the priority list for this year

4. You don’t have enough users yet to make this interesting to us

5. We aren’t allowed to use this because you have to be FICAM approved (and you can’t be FICAM approved because you don’t have enough users)

6. Conventional wisdom solution is 2FA; I’m sticking to what the consultants tell me

7. Nobody talks about this at RSA so this can’t be credible

8. What if your servers are down?

Pick an Excuse for Inaction from this Handy “Feel Good” List

9. So what’s the difference between shared secrets and digital signature again?

10. Google Authenticator is secure and free. Why do I need this?

11. I can’t tell the difference between OOB vs. in-band 2FA

12. Not aware of the solution

13. It’s new and different, FUD

14. Nobody else is using it so it can’t be good

15. “Our users aren’t asking for it”

16. This will be too hard for our users to use

17. How can we trust you?

18. I am worried this might reduce security

19. Our internal team is making the decision and your solution was not invented here

MYTH #2

Adopting 2FA eliminates password breaches

2FA Prevents Keylogging Attacks…

• …but does NOTHING to prevent mass breaches because (99% of the time) 2FA/browser token is just another shared secret!

• Users get frustrated• Few users adopt (unless forced to)• Users hate it• There are safer and easier ways

MYTH #3

This is OOB 2FA. Banks use this (So it must be safe)

That’s in-band 2FA!

• Enter code on the same computer…• MITM, MITB single point attackable• Not digitally signed

Like signing a blank check

In-band 2FA/MFA has not reduced fraud!

This is an Example of OOB 2FA

Re-hashed and signed here…

…and here

MYTH #4

Biometrics will fix this

Biometrics are a “Shared un-Secret”

• Biometrics are like a password you cannot change

• Biometrics ARE useful locally …• …if the relying party controls the reader

MYTH #5

Storing credit cards can’t be made secure

World’s safest PCI compliant vault

• Use crypto secret on user’s device to encrypt the card

• Store in federated identity (in cloud)• When need to purchase, the user’s

device asks for the encrypted card data, decrypts it, passes it to merchant

• Over 50 NGOs using Salsa Labs are using this method today for donations

World’s Safest PCI Compliant Vault

Encrypted Cards

Decryption Key(never leaves user’s device)

MYTH #6

Passwords are Bad

Passwords are Inherently Good• Passwords are 1 of 3 factors:

“something you know” Why would we want to eliminate that?!?• The problem is not passwords per se• The problem is how we use them

WRONG (as a shared secret)

“Password1”

Right Way (pwd, PIN)

Combine password (or PIN) with local high entropy salt and use that as private ECDSA signing key.

Password/PIN NEVER leaves your device. NEVER!

“Password1”+salt=ECDSA signing key

Challenge=transaction + nonce

Response=ECDSA-signed Challenge

On your device

• My OneID username is: stk@oneid.com

• My password is: x

• Try to log in as me

Short Passwords are Just Fine (When they

aren’t Shared Secrets)

MYTH #7

PKI, RSA Crypto, and EMV are all safe

Well…Not as Safe as you Thought

• PKINot end-to-end secure. Proof: DigiNotar. QED.

• RSA CryptoMay be broken soonUse ECC and ECDSA

• EMVNot end-to-end secureYou do not know what you are approving

MYTH #8

FIDO will fix all of This

WOOF, WOOF

FIDO (Fast IDentity Online) Alliance http://www.fidoalliance.org/

FIDO

FIDO is Authentication Only

• FIDO can eliminate risk of cloning private key• FIDO is authentication only, not authorization• FIDO is not a federated identity system

No device, key managementPoint-to-point authIf you have 10 devices and 500 RPs, painfulIf you lose a device, how register the replacement everywhere?Lots of issues left open

MYTH #9

All Federated Identity Providers are

Untrustable

You Can’t Trust Most Federated IdPs• Federated IdP examples: Facebook,

Google, LinkedIn, Twitter, …• A breach/goof @ IdP and

your identity is toast

Trustable Federated Identity• Trustable = “IdP can’t assert my identity

without my express consent” (no matter what happens @ IdP)

• Requires a crypto secret on the user’s deviceTest: New device requires an existing device?

• Trustable IdP uses end-to-end secure protocols

NOT Trustable Trustable

My computer

Trustable Federated Identity (TFI)

• Security Guaranteed by Architecture, not Operational Policy• ECDSA Digital Signatures Replace

all Shared Secrets• Simple protocols (complexity is the

enemy of security)• No Single Point of Compromise

Uses multiple digital signatures

SharedSecrets

2

6

5

1

34

Browser Sites

CloudMobile EncryptedRepository

A trustable federated identity: OneID

Patents granted and pending

TFI Benefits

• Store attributes securely (across all devices)• Private keys (e.g., for login, Bitcoin, …)• Secret keys• PII: Name, address, phone, etc.

• A user’s public keys are lifetime stable @ RP• Add 2FA to SSH, VPN

• Simple modification to authorized_keys file

• One password, PIN across all sites

MYTH #10

Trustable Federated Identity is too hard to use and

not as safe as Proprietary Identity

Really?! Says who?

• TFI is so easy that most users can’t tell (feels just like “login with Facebook” button)

• TFI is highly immune to all known threats. • According to crypto security experts, for

practical use, you can’t get more secure than a properly designed TFI system

MYTH #11

An IETF Standard is the Best Way to

Fix This

Do not treat this presentation as a “Shared Secret”

• Spread the word and walk the talk! • Why is IETF still using username/pwd for

IETF mailing lists?• Deploy on your website, use with VPN, SSH,

etc.• Share this presentation with your friends at

high impact places… Target, AT&T, …

BITCOIN MYTH #1

Bitcoin is Going to Die

New Mt. Gox logo

“Rumors of my death have been greatly exaggerated”

-Satoshi Nakamoto

• Vital signs stable even after disasters

• Nothing on the horizon that looks lethal

BITCOIN MYTH #2:Bitcoin is the Future of

Payments

The Future is End-to-End Secure Payments

• Bitcoin is just a crypto currencyIt may or may not be THE winner

• The winner will beDigitally signed end-to-end secure transactions Open APIs, simple money transfer protocol

Send(1.32, “BTC”, “Amazon”, “Invoice 123”)

Bitcoin Can’t be Regulated

BITCOIN MYTH #3

Bitcoin can be made compliant

• Companies are being started now to solve the Bitcoin compliance problem in a new way that the regulators really like

• Can protect consumers from another Mt. Gox and Bitinstant disaster

BITCOIN MYTH #4

It is safe to keep my Bitcoin in Coinbase or

Bitstamp

Coinbase and Bitstamp Use the Same Protection as Mt Gox:

In-band 2FA

• Can you say “shared secrets”?• Susceptible to mass breach and malware

on your computer• Recommendation: Only keep as much as

you can afford to use.• I use “Bitcoin Armory”• Safe and easy coming in 2014

How Can the IETF Help?

I’m not sure yet

Steve Kirsch on LinkedIn

Contact